Vulnerabilities > CVE-2009-0961 - Unspecified vulnerability in Apple Iphone OS and Ipod Touch

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
apple
exploit available
NVD
Published: 2009-06-19
Updated: 2022-08-09

Summary

The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a call without user approval by causing an application to trigger an alert.

Vulnerable Configurations

Part Description Count
OS
Apple
18
Hardware
Apple
1

Exploit-Db

  • descriptionApple iPhone 2.2.1 Call Approval Dialog Security Bypass Vulnerability (2). CVE-2009-0961. Remote exploit for hardware platform
    idEDB-ID:33045
    last seen2016-02-03
    modified2009-05-17
    published2009-05-17
    reporterCollin Mulliner
    sourcehttps://www.exploit-db.com/download/33045/
    titleApple iPhone <= 2.2.1 Call Approval Dialog Security Bypass Vulnerability 2
  • descriptionApple iPhone 2.2.1 Call Approval Dialog Security Bypass Vulnerability (1). CVE-2009-0961. Remote exploit for hardware platform
    idEDB-ID:33044
    last seen2016-02-03
    modified2009-05-17
    published2009-05-17
    reporterCollin Mulliner
    sourcehttps://www.exploit-db.com/download/33044/
    titleApple iPhone <= 2.2.1 Call Approval Dialog Security Bypass Vulnerability 1
  • descriptionApple iPhone 2.2.1 Call Approval Dialog Security Bypass Vulnerability (3). CVE-2009-0961. Remote exploit for hardware platform
    idEDB-ID:33046
    last seen2016-02-03
    modified2009-05-17
    published2009-05-17
    reporterCollin Mulliner
    sourcehttps://www.exploit-db.com/download/33046/
    titleApple iPhone <= 2.2.1 Call Approval Dialog Security Bypass Vulnerability 3

References